The present invention relates to cryptographic communication with mobile devices. Some aspects of the invention were motivated by authentication problems related to smartcards and other hardware security tokens (also called identity tokens or hardware tokens or just tokens herein). The invention is not limited to such problems, however.
Identity tokens such as smartcards, RFID tags, and battery powered key fobs are widely used to provide authenticated access to services, e.g. to provide physical access to buildings, rooms and other areas, or electronic access to computer networks, databases and other computer resources. As shown in FIG. 1, an identity token 110 includes a computer processor (typically a microprocessor) 120 with a computer memory 130 storing authentication data such as the token identification (ID) 134, a cryptographic key 138, possibly personal information (e.g. name) of the token's holder 140, and possibly other information. Memory 130 also stores a computer program 142 executed by processor 120 to authenticate the token holder to a token reader 144. In addition, the token includes an interface 150 used to communicate with reader 144. Interface 150 can be wireless (e.g. RF (radio frequency) for Radio Frequency Identification (RFID)). Reader 144 includes a suitable interface 170 for communicating with the token. Reader 144 further includes a computer processor 174 and memory 180 which stores cryptographic keys 184 for different tokens (keys 184 may or may not be equal to the tokens' keys 138) and stores a computer program 186 executed by processor 174 to authenticate the token. Upon successful authentication, reader 144 allows the token holder 140 to access the pertinent resource, e.g. reader 144 causes unlocking of an electronic door guarding access to a secured building or allows electronic access to a computer resource such as a network or a database.
At least some of cryptographic keys 138, 184 must be kept secret in order to prevent false authentication by an unauthorized person. These keys can be stolen or guessed, and in order to limit the resulting damage the keys are periodically changed (“updated”). A token's key 138 and the readers' keys 184 must be updated at the same time to ensure that the token holder will have uninterrupted access to the secured resource. Some embodiments of the present invention provide techniques that help ensure uninterrupted access when token keys 138 and reader keys 184 are not updated at the same time.
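The following added example (not part of the original document) illustrates the key-update problem described above: a reader that holds one key per token rejects a valid token once only the reader's key has been updated. It assumes an HMAC-SHA256 challenge-response exchange and a reader key 184 equal to the token key 138; the class names, the token ID and the protocol choice are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class Token:
    """Models identity token 110: token ID 134 plus key 138 (constructed values)."""

    def __init__(self, token_id: str, key: bytes):
        self.token_id = token_id
        self.key = key

    def respond(self, challenge: bytes) -> bytes:
        # Prove possession of the key without revealing it (assumed protocol).
        return hmac.new(self.key, self.token_id.encode() + challenge,
                        hashlib.sha256).digest()


class Reader:
    """Models reader 144: stores keys 184, one per token ID."""

    def __init__(self):
        self.keys = {}

    def enroll(self, token_id: str, key: bytes) -> None:
        self.keys[token_id] = key  # also used to overwrite on key update

    def authenticate(self, token: Token) -> bool:
        key = self.keys.get(token.token_id)
        if key is None:
            return False  # unknown token ID
        challenge = secrets.token_bytes(16)  # fresh per attempt, prevents replay
        expected = hmac.new(key, token.token_id.encode() + challenge,
                            hashlib.sha256).digest()
        return hmac.compare_digest(expected, token.respond(challenge))


def rollover_demo() -> dict:
    """Show access before, during and after an unsynchronized key update."""
    old_key, new_key = secrets.token_bytes(32), secrets.token_bytes(32)
    token = Token("token-0001", old_key)  # constructed token ID
    reader = Reader()
    reader.enroll(token.token_id, old_key)
    results = {"in_sync": reader.authenticate(token)}
    reader.enroll(token.token_id, new_key)  # reader updated first
    results["reader_updated_only"] = reader.authenticate(token)
    token.key = new_key  # token catches up later
    results["both_updated"] = reader.authenticate(token)
    return results
```
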
A single token can be used for multiple purposes, e.g. to provide access to different areas requiring different cryptographic keys. Some embodiments seek to simplify authentication for multi-purpose tokens.